1 to 25 of 396 SIEM Jobs in England

SIEM Detection Engineer | Cyber Security Farnborough (Hybrid – 2 days onsite) Up to £65,000 + Excellent Benefits SC Clearance (or eligibility required) Ready to engineer the frontline of cyber defence? We’re working with a highly respected cyber security operation supporting critical defence environments, seeking a SIEM Detection Engineer … threat detection capability across secure enterprise environments. This is a hands-on technical role where you’ll design, build and optimise detection logic across SIEM platforms, working directly against real-world attacker techniques in a mature, high-performing SOC. You’ll have the autonomy to shape detection strategy, influence capability ...

Windows, Linux and Cloud environments Encryption – Familiarity with encryption protocols and technologies Penetration Testing – Ability to assess and interpret penetration test results Security Tools – SIEM, SOAR, EDR, UTM Cloud Security – Understanding of AWS, Azure, etc. Security Frameworks – Knowledge of MITRE ATT&CK, NIST, etc. Consulting Skills Risk management, strategic planning ...

relevant certifications preferred. Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management. Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. Strong knowledge of Microsoft Azure cloud security technologies and concepts. Familiar with cybersecurity frameworks such ...

analysis, threat detection, and handling security incidents end to end. Experience with security tooling such as Security Hub, GuardDuty, Detective, CloudTrail, CloudWatch, Inspector, SIEM (Elastic, Sentinel) and related cloud native controls. Practical experience with scripting (Python preferred) and Infrastructure as Code tooling such as Terraform. Solid understanding ...

certifications (CISSP, CISM, CEH, CCSP, etc.) are highly desirable. Technical Skills: Strong knowledge of security frameworks (NIST, ISO 27001) and experience with security technologies (SIEM, endpoint protection, data loss prevention). Cloud Platforms: Extensive experience in securing cloud platforms such as AWS, Azure, or Google Cloud. Communication Skills: Exceptional verbal ...

remote access/VPN configurations where required and ensure changes follow change control. Enable and review network security logging/alerting (e.g., syslog/SIEM integrations where applicable). Monitoring, Detection & Incident Response (Sophos MDR) Act as the internal technical point of contact for Sophos MDR and ensure smooth collaboration ...

eligible for SC Clearance Proven ability to lead complex cyber investigations and incident response engagements during live events. Experience with forensic tools, SIEM platforms, and threat detection methodologies. Knowledge of Windows and cloud environments. Excellent analytical, problem-solving, and communication skills. Customer-focused with the ability to remain calm under ...

security management, covering risk management, incident response, threat intelligence, and cyber security solutions. Strong knowledge of security technologies and controls (e.g., firewalls/WAF, SIEM, anti-malware, mobile application security, IAM/PAM) with exposure to cloud security (AWS). Experience conducting vulnerability assessments, penetration testing, and security evaluations, with ...

and ESXi • Cisco Meraki, VLANs, VPNs, firewall rules and network segmentation • Security monitoring, incident response and vulnerability management • Sophos MDR or similar MDR/SIEM tooling • Windows/Linux hardening and secure configuration • Disaster Recovery and Business Continuity testing • PowerShell, KQL or Python desirable • Microsoft Defender, Sentinel or CIS exposure ...

cyber threats and AI-enabled attack techniques.Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging, network security, and vulnerability management. Knowledge of security architecture ...

threats and AI-enabled attack techniques. Core Skills Strong foundation in modern cyber security engineering and detection engineering principles. Experience with security monitoring platforms, SIEM systems, and alerting/detection pipelines. Strong understanding of identity and access management, endpoint security, logging, network security, and vulnerability management. Knowledge of security architecture ...

WebAuthn, SAML, OAuth 2.0, OpenID Connect). Practical experience securing macOS, Windows and Linux endpoints using MDM and EDR/XDR tooling. Experience operating SIEM and/or SOAR platforms and tuning detection logic. Experience with vulnerability management and patch governance. Ability to write production-quality automation scripts. Demonstrated experience ...

hunts. Key Skills: * Strong understanding of network and end point security, incident response, threat intelligence, and vulnerability management. * Experienced with security tools such as SIEM platforms, EDR/XDR solutions, firewalls, IDS/IPS. * Strong knowledge of Microsoft Azure cloud security technologies and concepts. * Familiar with cybersecurity frameworks such ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

Proven experience leading incident response and remediation activity Expertise in Microsoft 365/Azure security and hybrid cloud environments Experience operating security tooling (EDR, SIEM, firewalls, identity platforms) at scale Solid understanding of frameworks such as ISO 27001, NCSC guidance, NIST CSF, MITRE ATT&CK Experience managing suppliers, SOC providers ...

Analyst * Detection & Response Lead * Cyber Security Team Lead You'll ideally bring experience across some of the following: * Security Operations and Incident Response * SIEM, EDR/XDR and security monitoring tools * Vulnerability Management * Threat Detection and Threat Hunting * Cloud Security (Azure, AWS or GCP) * Security Frameworks such ...

certification (e.g., CISSP, CISM, SANS) with ongoing professional development. Experience with cloud security controls and monitoring (e.g., Microsoft 365/Azure). Experience with SIEM/SOAR, detection engineering or incident automation. Experience implementing IAM tooling and access governance (e.g., PAM, IGA). Experience commissioning security testing and remediation programmes ...

protection standards (e.g., FIPS 140-2), and separation of duties in secure environments. • Experience using Microsoft Management Console (MMC) snap-ins, event logs, and SIEM platforms to identify and resolve issues proactively. • Experience with IT asset management tools related to discovery and information collection • Understanding of backup procedures. • Ability ...

client environments Perform threat detection, triage, analysis, and remediation activities Lead incident response activities and provide technical guidance to junior analysts Analyse alerts from SIEM, EDR, IDS/IPS, and other security tooling Conduct threat hunting and proactive security monitoring Support continuous improvement of SOC processes, playbooks, and operational procedures … development of junior team members Required Experience Proven experience working within an MSSP environment Strong background in Security Operations/SOC environments Experience with SIEM platforms such as Microsoft Sentinel, Splunk, QRadar, or similar Knowledge of EDR technologies and incident response methodologies Strong understanding of network security, firewalls, endpoint security ...

Zero Trust environments • Configure and optimise security policies including DLP, CASB, FWaaS, segmentation, and secure web access • Integrate Zero Trust solutions with identity providers, SIEM/SOAR platforms, and endpoint security tooling • Conduct threat modelling, risk assessments, and security architecture reviews • Troubleshoot complex deployment and access issues across enterprise environments ...

architecture Experience with vulnerability management and security operations within OT environments Understanding of security technologies including: IAM, EDR, Firewalls, PKI, DLP, DAM Experience with SIEM technologies such as: Google Chronicle, Splunk ES & QRadar Experience with log source integration, correlation rules and parser development Strong stakeholder engagement and communication skills Desirable ...

Assisting with Zero Trust Client configuration and rollout, including secure network and data access. Integrate Zero Trust solutions with identity providers (Entra AD, Okta), SIEM/SOAR systems, endpoint platforms, and data repositories. Assisting infrastructure teams in migrating legacy VPN, proxy, and firewall solutions to cloud native Zero Trust models ...

identification, and continuous improvement Lead security engagement within client Design Authority and Enterprise Architecture forums Manage integration with the client SOC, including security reporting, SIEM alignment, and incident response coordination Oversee security incident management in line with the client Cyber Security Incident Response Plan Own joiner/mover/leaver ...

systems remain at the required security posture against baseline requirements Work with the Security Monitoring engineering team to ensure logs are forward to the SIEM capability Work with the customer and appropriate agencies to develop new policies, design processes, and procedures, and develop technical designs Assess system vulnerabilities, implement risk ...

audits, risk assessments and maturity reviews. Engineer and embed technical controls supporting NIST CSF and ISO/IEC 27001 objectives. Support security tooling integration (SIEM log sources, EDR/XDR dependencies, vulnerability tooling). Enable and validate security telemetry coverage audit policy configuration, log forwarding/collection, event quality (normalisation ...